[messaging] Short Auth Strings

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jan 31 12:58:49 PST 2014


On 01/31/2014 03:27 PM, Tony Arcieri wrote:
> I'll believe it when the "uncanny valley" is no longer a thing.

does "the uncanny valley" apply to audio?  what about audio over
noisy/choppy channels, when users are used to "filling in the gaps" just
to get on with their calls on a flakey network?

> While I don't disbelieve that in the future we'll have systems that can
> edit video and audio in realtime and swap out a SAS, in the meantime I
> think our brains do a remarkable job of 1) identifying the voices of people
> we know well even if they say just one word 2) discriminating between 3D
> animations and the real thing, to the point it's disturbing to see a
> near-perfect (but slightly off) recreation of a person

Aren't people de-sensitized to this by the audible failure modes of VoIP
(and mobile telephony)? "you sound like you're underwater" or "you're
breaking up" are common enough these days.  an attacker could inject
this noise to cover gaps.

> Now compound the innate human ability to detect this with a security
> context where people are hopefully inherently skeptical a d you have a
> problem that's much harder than it appears at first glance.

Except we want something that works when users' desires to communicate
are at least as powerful as their skepticism.

But anyway, this seems like conjecture now.  Does anyone know of studies
or work in this vein?  does anyone have access to volume 26, number 4 of
Cryptologic Quarterly who migh be able to summarize the state of the
NSA's capabilities back in 2006?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140131/05d567e8/attachment.sig>


More information about the Messaging mailing list